Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902624
Kategorie:General
Titel:RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Aug11
Zusammenfassung:This host is installed with RealPlayer which is prone to multiple; vulnerabilities
Beschreibung:Summary:
This host is installed with RealPlayer which is prone to multiple
vulnerabilities

Vulnerability Insight:
Multiple flaws are due to:

- Unspecified errors in an ActiveX control in the browser plugin.

- Improper handling of DEFINEFONT fields in SWF files which allows remote
attackers to execute arbitrary code via a crafted file.

- A buffer overflow error which allows remote attackers to execute arbitrary
code via a crafted raw_data_frame field in an AAC file and crafted ID3v2
tags in an MP3 file.

- An use-after-free error allows remote attackers to execute arbitrary code
via vectors related to a dialog box and a modal dialog box.

Vulnerability Impact:
Successful exploitation allows remote attackers to execute arbitrary
code or cause a denial of service.

Affected Software/OS:
RealPlayer versions 11.0 through 11.1
RealPlayer SP versions 1.0 through 1.1.5 (12.x)
RealPlayer versions 14.0.0 through 14.0.5
RealPlayer Enterprise versions 2.0 through 2.1.5

Solution:
Upgrade to RealPlayer version 14.0.6 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 49202
BugTraq ID: 49175
BugTraq ID: 49174
BugTraq ID: 49195
BugTraq ID: 49200
BugTraq ID: 49198
BugTraq ID: 49996
Common Vulnerability Exposure (CVE) ID: CVE-2011-2946
http://www.securitytracker.com/id?1025943
Common Vulnerability Exposure (CVE) ID: CVE-2011-2948
http://zerodayinitiative.com/advisories/ZDI-11-268/
Common Vulnerability Exposure (CVE) ID: CVE-2011-2949
http://zerodayinitiative.com/advisories/ZDI-11-267/
Common Vulnerability Exposure (CVE) ID: CVE-2011-2952
Common Vulnerability Exposure (CVE) ID: CVE-2011-2953
Common Vulnerability Exposure (CVE) ID: CVE-2011-2955
Common Vulnerability Exposure (CVE) ID: CVE-2011-2947
http://zerodayinitiative.com/advisories/ZDI-11-269/
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.